When a DB user is being created using cPanel interface MySQL DB wizard, the final step gives privilege options for assignment to the user. If later modification of the user's privileges is needed, one of those options (EXECUTE) is not available, thus if granted during user creation cannot be revoked subsequently.

Workaround is to delete and re-create the user, though inconvenient if the user is assigned to multiple DBs. Wizard is the only place EXECUTE privilege appears. During manual creation/assignment of a user this privilege option does not appear.

While EXECUTE appears in the wizard, it doesn't actually apply to the user for a privilege. That interface (the wizard) put it into the GUI but didn't actually tie into the backend to provide the privilege. That is the actual issue, which was discussed in this thread: